﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data.Common;
using System.Text;
using StoreManagementSystem.DomainObjects;

namespace StoreManagementSystem.DataAccessLayer
{
    public class SQLStoreUserDAO : IDataAccessObject<Entity>
    {
        private ISQLDataProvider DataProvider { get; set; }
        private string Connection {get; set;}
        public SQLStoreUserDAO(ISQLDataProvider SQLDataProvider, string connection) 
        {
            DataProvider = SQLDataProvider;
            Connection = connection;
        }

        /// <summary>
        /// Registers a user to the system using parameterized queries
        /// </summary>
        /// <param name="e"></param>
        public void create(Entity e)
        {
            if (e is StoreUser)
            {
                StoreUser user = (StoreUser)e;
                List<SQLParam> dbparams = new List<SQLParam>();
                dbparams.Add(new SQLParam("@id", user.id));
                dbparams.Add(new SQLParam("@FirstName", user.FirstName));
                dbparams.Add(new SQLParam("@LastName", user.LastName));
                dbparams.Add(new SQLParam("@Password", user.Password));
                dbparams.Add(new SQLParam("@LoginName", user.UserName));
                dbparams.Add(new SQLParam("@Email", user.Email));

                // build the parameter string to pass in values
                StringBuilder paramstr = new StringBuilder();
                StringBuilder setval = new StringBuilder();
                for (int i = 0; i < dbparams.Count - 1; i++)
                {
                    paramstr.Append(dbparams[i].Name + ",");
                    setval.Append("SET " + dbparams[i].Name + " = '" + dbparams[i].Value.ToString() + "'; ");
                }
                setval.Append("SET " + dbparams[dbparams.Count - 1].Name + " = '" + dbparams[dbparams.Count - 1].Value.ToString() + "'; ");
                paramstr.Append(dbparams[dbparams.Count - 1].Name);

                string SQL = setval.ToString() + " INSERT INTO storeuser (id,FirstName,LastName,Password,LoginName,Email) " +
                        "VALUES(" + paramstr.ToString() + ");";
                SQLDataProvider provider = new SQLDataProvider();
                provider.Open("MySQLConnectionString");
                provider.ExecuteSQL(SQL, dbparams, false);
                provider.Close();
            }
        }

        public DomainObjects.StoreUser get(params string[] parameters)
        {
            throw new NotImplementedException();
        }

        public void store(DomainObjects.StoreUser e)
        {
        }

        //public void store(Entity e)
        //{
        //    throw new NotImplementedException();
        //}

        Entity IDataAccessObject<Entity>.get(params string[] parameters)
        {
            throw new NotImplementedException();
        }

        public void remove(Entity e)
        {
            throw new NotImplementedException();
        }

        public void update(Entity e)
        {
            throw new NotImplementedException();
        }
    }
}